just asking #7
Description
我不理解这个0x8000的判断是啥意思
when i review ur source code, in function get_module_base_addr(Utils.h)
what does 0x8000 means?
if (ModuleBaseAddr == 0x8000)
ModuleBaseAddr = 0;The original function is
/**
* @brief 在指定进程中搜索对应模块的基址
*
* @param pid pid表示远程进程的ID 若为-1表示自身进程
* @param ModuleName ModuleName表示要搜索的模块的名称
* @return void* 返回0表示获取模块基址失败,返回非0为要搜索的模块基址
*/
void *get_module_base_addr(pid_t pid, const char *ModuleName){
FILE *fp = NULL;
long ModuleBaseAddr = 0;
char szFileName[50] = {0};
char szMapFileLine[1024] = {0};
// 读取"/proc/pid/maps"可以获得该进程加载的模块
if (pid < 0){
// 枚举自身进程模块
snprintf(szFileName, sizeof(szFileName), "/proc/self/maps");
} else {
snprintf(szFileName, sizeof(szFileName), "/proc/%d/maps", pid);
}
fp = fopen(szFileName, "r");
if (fp != NULL){
while (fgets(szMapFileLine, sizeof(szMapFileLine), fp)){
if (strstr(szMapFileLine, ModuleName)){
char *Addr = strtok(szMapFileLine, "-");
ModuleBaseAddr = strtoul(Addr, NULL, 16);
if (ModuleBaseAddr == 0x8000)
ModuleBaseAddr = 0;
break;
}
}
fclose(fp);
}
return (void *)ModuleBaseAddr;
}